Senior DevSecOps Engineer

PressReader is a rapidly growing technology company that partners with the world’s leading publishers to deliver content to millions of users in over 160 countries. Our progressive approach to digital distribution has allowed publishers such as The Washington Post, The Guardian, Newsweek, Rolling Stone, The Globe and Mail, and Vogue to find new audiences through business partnerships, including airlines, hotels, cruise ships, libraries, and thousands of other companies worldwide.

Our technology also powers Branded Editions (BE) - a white-label solution that enables publishers to deliver their digital content in interactive ways. BE allows them to build a customizable platform that supports a wide range of revenue opportunities.

We have an opportunity for a Senior DevSecOps Engineer role to join our Engineering Team.

In this role, you will:

• Implement security checks in CI/CD pipelines
• Design, implement, and maintain a vulnerability management platform
• Conduct regular security assessments, vulnerability scans, and penetration tests to identify and mitigate security weaknesses in applications, infrastructure, and code
• Monitor and analyze system logs, security events, and alerts to promptly identify and respond to security incidents
• Ensure software applications adhere to industry regulations, standards, and security policies
• Implement and maintain security controls and procedures to meet compliance requirements
• Assess and prioritize potential security threats and vulnerabilities, and identify appropriate countermeasures and mitigation strategies
• Implement and maintain dependency management processes and tools
• Harden Kubernetes clusters, on-prem and cloud infrastructure for enhanced security
• Implement security tools within Kubernetes clusters
• Enforce custom policies on Kubernetes objects using OPA (Open Policy Agent)
• Design and implement a secure development strategy
• Build secure base images for development teams
• Automate security-related tasks and processes, such as vulnerability scanning, code analysis, and compliance checks to improve efficiency and accuracy
• Participate in infrastructure architecture and services development as a security expert
• Educate development teams on secure coding practices, security risks, and emerging threats, promoting a culture of security awareness and responsibility
• Work closely with development, operations, and security teams to foster collaboration, share knowledge, and align objectives to ensure secure software delivery

You are a great fit if you have:

• Bachelor’s degree in Computer Science or related field
• A least 3 years of experience in development
• A positive attitude and a willingness to do whatever it takes to create robust solutions to complex problems
• Strong communication and interpersonal skills
• Self-motivated and able to solve problems independently

Bonus points if you:

• Have experience achieving SOC2 HIPAA, ISO 27001 Compliance levels
• Experience with security at the network, transport, and application layers (DNS-SEC, OWASP, HTTP, TLS, etc.)

This role is a full-time position based in our Richmond, BC office. Working from home is available during the Covid pandemic and we are actively considering and trialing hybrid solutions post-pandemic.

We understand everyone has different circumstances; however, we will only consider applicants who are legally eligible to work in Canada.

If you don’t see yourself fully reflected in every job requirement listed for this job, we still encourage you to apply. We are committed to creating a more equitable, inclusive and diverse company and we welcome applicants of all genders, ages, ethnicities, cultures, abilities, sexual orientations, sexual identification, and life experiences.

Sometimes emergencies happen and you may need to reschedule an interview. We understand. Please let us know without worrying about losing the opportunity or your credibility.

PressReader offers a compensation package which includes extended health care, dental, vision and accidental death insurance paid by the company; 15 paid vacation days to start, sick and bereavement days; reimbursements for professional training and membership in professional associations; fitness subsidy and more, along with a chance to be working with amazing people.

To apply, please submit your resume, and a cover letter explaining why you are the right person for this role.